You’ve probably heard the word ‘phishing’ whispered in the hallways of your office, and have a vague knowledge of it as some kind of scam or virus.
Well, you’d be right. Phishing emails are designed to steal your identity. Scam artists use them to gather personal information or direct you to website or phone numbers where you will be asked to provide personal data.
What is Phishing?
Phishing (n) The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Phishing scams are exactly what they sound like – fraudsters fishing for your sensitive personal information with scam emails, in order to steal your identity.
Phishing emails direct users to a website to ‘update’ personal information, such as a password, credit card information, social security or bank account numbers. The website will be bogus and will steal the information you enter on the page. Scammers will pose as popular websites like Microsoft or eBay, and send thousands of emails out indiscriminately, in the hope that someone with an account with those websites will click on it and enter their personal information.
How Do I Detect a Phishing Scam?
To protect yourself against a phishing scam, it’s important to know what one looks like. Phishing emails can take a number of forms. They’ll most commonly come from a company you regularly do business with, like on of your social networking sites, eBay or Microsoft, for example. They can also appear to be from someone in your email inbox, so beware.
Phishing emails are not always easy to identify, as they often carry official logos and identifying information from legitimate websites.
A phishing email message might ask you to make a phone call, where a person or auto audio response unit will ask for your account number, personal ID, password or any other personal data. They may also ask you to click a link to a fraudulent website in which to enter your details.
There is one easy way to detect a fraudulent link in a phishing email – run your cursor over it, and if the link in the yellow box is different to the link in the email, it’s probably fake. Also, fraudsters might use a well-known web address like www.microsoft.com but deliberately omit a letter, hoping that users won’t notice e.g www.micosoft.com.
Did you spot the difference? One will take you to the legitimate Microsoft website, while the other will direct you to a fake website where your details could be stolen.
Worried that you’ve been the victim of a phishing scam? Talk to us about tightening security on your chambers communications.